package cn.bb.bbstudy.service.impl;

import cn.bb.bbstudy.dao.UserDAO;
import cn.bb.bbstudy.dao.UserRoleDAO;
import cn.bb.bbstudy.pojo.User;
import cn.bb.bbstudy.pojo.UserRole;
import cn.bb.bbstudy.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import javax.servlet.http.HttpSession;
import java.util.ArrayList;
import java.util.Collection;

@Service
@Transactional
public class UserServiceImpl implements UserService, UserDetailsService {

    @Autowired
    private UserDAO userDAO;
    @Autowired
    private HttpSession session;
    @Autowired
    private UserRoleDAO userRoleDAO;

    @Override
    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
        //s为表单传过来的用户名 根据用户名查库
        User user = userDAO.findUserByNme(s);
        //直接放入session域 为空也没关系
        session.setAttribute("loginUser", user);

        //说明该用户存在 需要对比密码 如果通过 就授权
        if (user != null) {
            String password = user.getPassword();
            Collection<GrantedAuthority> grantedAuthorities = grantedAuthorities(user);
            //因为我们没有自己实现它的user 所以这些禁用 凭证之类的 都要自己设置为true 最后传入权限信息
            UserDetails  userDetails = new org.springframework.security.core.userdetails.User(s, password,
                     grantedAuthorities);
            return userDetails;
        }
        //如果校验不通过 就返回空对象
        return null;
    }

    private Collection<GrantedAuthority> grantedAuthorities(User user) {
        //根据传入的user的roleid 来查询对应的角色 并返回该集合
        ArrayList<GrantedAuthority> list = new ArrayList<>();
        UserRole userRole = userRoleDAO.selectByPrimaryKey(user.getRoleId());
        //记得带上ROLE_
        list.add(new SimpleGrantedAuthority("ROLE_" + userRole.getName()));
        return list;
    }

    @Override
    public int deleteByPrimaryKey(Integer id) {
        return userDAO.deleteByPrimaryKey(id);
    }

    @Override
    public int insert(User record) {
        return userDAO.insert(record);
    }

    @Override
    public int insertSelective(User record) {
        return userDAO.insertSelective(record);
    }

    @Override
    public User selectByPrimaryKey(Integer id) {
        return userDAO.selectByPrimaryKey(id);
    }

    @Override
    public int updateByPrimaryKeySelective(User record) {
        return userDAO.updateByPrimaryKeySelective(record);
    }

    @Override
    public int updateByPrimaryKey(User record) {
        return userDAO.updateByPrimaryKey(record);
    }

    @Override
    public User findUserByNme(String username) {
        return userDAO.findUserByNme(username);
    }

    public User findUserByUid(String uid) {
        return userDAO.findUserByUid(uid);
    }
}
